CVE-2014-2071
Aruba ClearPass Policy Manager (CPPM) versions 6.1.x, 6.2.x prior to 6.2.5.61640, and 6.3.x prior to 6.3.0.61712 are affected. When CPPM is configured to use tunneled and non-tunneled EAP methods within a single policy construct, remote authenticated users can escalate privileges by advertising i...